-
Hello, guys.
I am new to this, so I ask for an apology if the question is too easy.
Scirius can't get data from ES 6.2.3!
But the status of the ES is green light, I can see the indexes in the sci…
-
The suricata.py file generates same signatures with different filemd5 hashes for the same attack type. Any help here would be greatly appreciated. Thank you so much for providing this integration poin…
-
Add an optional `internal_networks` configuration option to
- Filebeat IPTables Module
- Filebeat Netflow Input and Module
- Filebeat Suricata Module
- Filebeat Zeek Module
- Packetbeat
that a…
-
I'd like to request SQLite be added as an output plugin. SQLite could be used in smaller HIDS types of rollouts as opposed to the more typical central or concentrated Snort/Suricata rollouts.
Thanks…
-
python r2a.py -C /etc/suricata/suricata-debian.yaml -f rules/emerging-all.rules -e 1.2.3.4 -m 10.0.0.123 -w test.pcap -v
using Linux Mint
python-yaml, python-scapy are installed. Python 2.7.6 is insta…
-
Hi there,
I have followed the instructions and also modified the docker composer file but it seems like disem is unable to connect to the elasticsearch database.
I don't see any errors in the logs…
-
It would be a great idea to add libhtp to vcpkg library
M010 updated
11 months ago
-
Hi,
I'm trying to use Elastalert to request Suricata alerts in my Elastic to send alerts to TheHive. Standard requests and alerts worked fine, and I've got all my Suricata alerts in TheHive.
But no…
-
Hi, today I was looking at this really interesting feature in the file: `analyzer/windows/modules/auxiliary/tlsdump.py`.
At the end of the analysis I can download the pcap and log files containing re…
-
Hello,
I am trying to use NSM for chaining different security functions. The use case is similar to the SFC one (see issue #2068).
I am aware of the [nse-composition example](https://github.com/n…